NEAS[.]159c15a2847ea2e7d7a9f666c297a6f0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.159c15a2847ea2e7d7a9f666c297a6f0_JC.exe
Size

3.0MB
MD5

159c15a2847ea2e7d7a9f666c297a6f0
SHA1

f589db5cb3263ea39649815a41d63b23725d6fd0
SHA256

982a0148138774a49622d52c46dc9f1369276f99b0f82923bd0e91249fd6d3d8
SHA512

aac231f892308c8085ff8ae27a07d5f9b5e71c091b1bbec479a3904762ccfeffeaa4987093e98dcc4c1f3098b7b7489bd2561a411900cff6f95d8a7efd84857d
SSDEEP

49152:ntfsTRoHRAunUWSFrREY0eNMCMs+nhMFxC6TrygnnIF:tfsTmsdt0eNMCMDhv69nI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.159c15a2847ea2e7d7a9f666c297a6f0_JC.exe

Files

NEAS.159c15a2847ea2e7d7a9f666c297a6f0_JC.exe
.exe windows:6 windows x86

f7f6b5e4848b56fd67e6f2e5c327f7f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
OutputDebugStringA
CloseHandle
GetLastError
GetCurrentDirectoryA
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
CreateThread
VirtualAlloc
VirtualFree
GetPrivateProfileStringA
SetConsoleTitleA
LoadResource
LockResource
SizeofResource
LoadLibraryA
FindResourceA
GetCurrentProcess
VirtualAllocEx
VirtualFreeEx
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileIntA
WritePrivateProfileStringA
DeleteFileA
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
CreateFileA
VerifyVersionInfoW
GetProcAddress
GetModuleHandleA
ExitProcess
GetCurrentProcessId
VerSetConditionMask
GetTickCount64
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetFileAttributesExW
HeapReAlloc
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetTimeZoneInformation
GetFileType
HeapFree
HeapAlloc
EnumSystemLocalesW
GetUserDefaultLCID
MultiByteToWideChar
Sleep
WideCharToMultiByte
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
CreateFileW
ReadFile
GetVolumeInformationA
CreatePipe
DeviceIoControl
WaitForSingleObject
CreateProcessW
GetStartupInfoW
FreeLibrary
LoadLibraryW
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetCommandLineA
GetCommandLineW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale

user32

MoveWindow
GetAsyncKeyState
GetSystemMetrics
MessageBoxA
FindWindowA
SetForegroundWindow
GetWindowThreadProcessId

advapi32

OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
CloseServiceHandle
DeleteService
CreateServiceA

ntdll

NtQuerySystemInformation

ws2_32

WSACleanup
inet_pton
closesocket
connect
htons
recv
send
socket
WSAStartup

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 588KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 785KB - Virtual size: 785KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7f6b5e4848b56fd67e6f2e5c327f7f7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ntdll

ws2_32

iphlpapi

Sections

.text Size: 588KB - Virtual size: 588KB

.rdata Size: 66KB - Virtual size: 66KB

.data Size: 55KB - Virtual size: 80KB

.text0 Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 14KB - Virtual size: 13KB

.rsrc Size: 785KB - Virtual size: 785KB

.text
Size: 588KB - Virtual size: 588KB

.rdata
Size: 66KB - Virtual size: 66KB

.data
Size: 55KB - Virtual size: 80KB

.text0
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 785KB - Virtual size: 785KB